Assumptions:
- You have LDAP installed and configured.
- You have Apache Derby installed on your system.
- You need JNDI libraries from Sun. (I am using jndi 1.2.1)
- You need LDAP libraries from Sun. (I am using ldap 1.2.4)
Procedures:
Global:
If you want the configuration set at a global level, add the following to a file called derby.properties in the installation directory. You will need to modify it to match your environment.
derby.connection.requireAuthentication=true
derby.authentication.provider=LDAP
derby.authentication.server=ldap://localhost:389
derby.authentication.ldap.searchBase=ou=people,dc=bluelotusholdings,dc=com
derby.database.defaultConnectionMode=fullAccess
Database:
You can also set the properties on a per-database basis. This is accomplished by setting the parameters (database properties) in the database using SQL. The script is located below. It must be modified to accommodate your environment. Place the jndi and ldap files in the directory containing the database (see below). The database in my example is called ldaptest.
Once you have executed the script below, you will need to restart the database. I used my Aqua Studio application to connect to the database.
/* Apache Derby 10.x */
/*
 * This file is used to set the database-wide LDAP configuration. Rebooting the service is
 * required for the changes to take effect.
 */
/* Set the authentication provider to LDAP */
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(
    'derby.authentication.provider',
    'LDAP');
/* Set the LDAP server */
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(
    'derby.authentication.server',
    'banyan:389');
/* Set the BaseDN to search */
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(
    'derby.authentication.ldap.searchBase',
    'ou=people,dc=bluelotusholdings,dc=com');
/* Create a cached entry for a user (maps the Derby user name to its LDAP DN) */
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(
    'derby.user.jyeary',
    'uid=jyeary,ou=people,dc=bluelotusholdings,dc=com');
All Done!
Notes:
- If LDAP is not available you cannot connect to the database.
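The database-level script above sets the provider, server and search base, but not derby.connection.requireAuthentication, which only the global derby.properties sets. The following is an added example, not part of the original script: assuming you want the ldaptest database to enforce LDAP authentication on its own, it sets that property, restricts access to the cached user jyeary (an assumption about who should have access), reads the values back, and stops system-wide properties from overriding the database-wide ones.

```sql
/* Added example, not from the original script. Restart the database
   afterwards, as with the script above. */

/* Require authentication at the database level, so enforcement does not
   depend on derby.properties being present in the installation directory */
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(
    'derby.connection.requireAuthentication',
    'true');

/* Assumption: only jyeary needs access. Grant full access to that user
   first, then switch the default for everyone else to noAccess, so the
   administrator is never locked out between the two statements. */
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(
    'derby.database.fullAccessUsers',
    'jyeary');
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(
    'derby.database.defaultConnectionMode',
    'noAccess');

/* Read the stored values back; a NULL means the property is not set
   in this database and a system-wide value or the default applies */
VALUES SYSCS_UTIL.SYSCS_GET_DATABASE_PROPERTY('derby.connection.requireAuthentication');
VALUES SYSCS_UTIL.SYSCS_GET_DATABASE_PROPERTY('derby.authentication.provider');
VALUES SYSCS_UTIL.SYSCS_GET_DATABASE_PROPERTY('derby.authentication.server');
VALUES SYSCS_UTIL.SYSCS_GET_DATABASE_PROPERTY('derby.authentication.ldap.searchBase');
VALUES SYSCS_UTIL.SYSCS_GET_DATABASE_PROPERTY('derby.database.defaultConnectionMode');
VALUES SYSCS_UTIL.SYSCS_GET_DATABASE_PROPERTY('derby.database.fullAccessUsers');

/* Set this last, once the values above look right: database-wide
   properties can then no longer be overridden by system-wide ones
   (derby.properties or -D options on the JVM command line) */
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(
    'derby.database.propertiesOnly',
    'true');
```

After the restart, a connection attempt without a valid LDAP user name and password should be rejected; if it still succeeds, authentication is not being enforced for this database.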
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('derby.authentication.server', 'banyan:389')
-----> Why is it not 'localhost:389' here? The LDAP server is located on the localhost, isn't it?
In this case, the server is called banyan and it is accessible from the network. If you used localhost, then the application would only be available from the single machine and not the network.